How to Protect your Small Business from Cyber-Attacks?
Small businesses need to be aware that despite the size of the business, almost 60 percent of UK SMEs have been a victim of an attack. Cyber-attacks on SMEs have been increased year on year. In 2015, 50% of cyber-attacks on businesses in the UK were targeted at smaller firms.
No one is too small to go untargeted.
If you are starting up a small business or you already own one, you need to know your cyber security and make preparations to defend yourself against the attackers.
You may think “why on earth an attacker would target a small firm when there are more successful and larger companies?”. Well, you think wrong. Because small businesses are easier targets as most of them don’t prepare themselves for attacks and as a bonus, they may be a partner of larger companies. Being a partner of larger companies means, your data, their data and bigger prizes through your IT.
Cybercriminals can exploit these links to get under the much more robust defenses of large multinationals.
But why SMEs are so unprepared?
The start-up world is so fast-paced and hectic that often business owners don’t have time to consider the ramifications of a data breach or malware problem. That said, they’re quick to embrace cloud technology and its many benefits, so why aren’t they thinking about cyber safety?
Let’s look at the facts.
New research from MYOB has shown that the majority of small businesses surveyed (87%) consider themselves safe because they have antivirus software installed to prevent cyber-attacks. A further 72% also believe that their information is safe when they store it in the cloud.
It’s concerning that such a vast majority consider themselves safe from cyber-attacks simply because they have antivirus software. While this software is a great step in the right direction, it’s certainly not the be-all and end-all of cybersecurity.
How would you protect your business from cyber-attacks?
There are lots of ways small businesses can defend themselves from cyber attack. For example, the estimation is that only 41 percent of SMEs have a secure Wi-Fi router, so odds are your business needs to password-protect your Wi-Fi. Here are 5 more ways small businesses can defend themselves.
Malware is the general term for all malicious things like Trojans and Ransomware that can steal your data and cripple your business. Install anti-malware and end-point firewall solutions on all systems and keep your software and web browsers up to date. Consider restricting access to non-business websites to lessen the risk of being exposed.
Some most used anti-malware software are: BitDefender, Malwarebytes, AVG and Microsoft Security Essentials
Encryption is a difficult concept to grasp, but it’s a necessary part of protecting your business’s sensitive data. At a basic level, encryption is the process of scrambling text (called ciphertext) to render it unreadable to unauthorized users. You can encrypt individual files, folders, volumes or entire disks within a computer, as well as USB flash drives and files stored in the cloud.
Encryption is available for any device or area whether the information is stored or in transit, including:
-USB and external drives
-Complete hard drives
Built-in encryption programs:
Protect your network
Maintaining a secure small business network isn’t easy, but it is crucial. Increasing protection of your networks, including wireless networks against external attacks using firewalls, proxies, access lists and other measurements.
Check that you are using the WPA2/PSK standard for your Wi-Fi. It’s the latest and best in Wi-Fi security for most SMEs. Get into the admin section on the router and look at the Security Options to find out if you’re safe.
Get SSL Certificate
SSL certificate is very important for the businesses that take payments on their websites. The SSL connection is encrypted and will secure sensitive data, such as credit card information, logins, passwords, forms and all over data exchanged during each user visit (session). Google takes HTTPS into consideration for SEO.
Nearly all (95 percent) of cyber-attacks feature human error somewhere along the line. This can range from leaving doors unlocked to accidentally giving away a password or other actions via social engineering. The best mitigation is training and awareness of your users including;
- Generate a strong and a long password with uppercase, lowercase letters, special characters, numbers, and symbols and change them routinely. (NCSC’s Password Guidance)
- Back up their work,
- Monitor their IT equipment and ask for help if they notice strange happenings on their computers,
- Know which apps, programs and data they can or can’t install and how to keep their machine clean,
- Throw out suspicious links in email, tweets, posts, online ads, messages or attachments—even if they know the source.
Our Seminars & Webinars
If you need to learn more about Cyber Security and need assistance, join us in our upcoming Cyber-Security seminar on May 18, 2018. Our fantastic tech-savvy engineer, Josh Evans, will guide you through how the world of cyber-crime works, what kind of threats are on the internet currently and what YOU can do to stop them. Find tickets here: Online Threats – Know your CyberSecurity 2018
Another important point is the upcoming cyber challenges, such as EU’s General Data Protection Regulation (GDPR) which beefs up the financial and regulatory penalties against businesses for loss of, or failure to adequately secure, clients’ personal data. If you don’t know what GDPR is or haven’t taken any action to comply with, you should start immediately because the act commences on 25th May 2018. Read more about GDPR here: Introduction to GDPR
If you wish to have more information about GDPR and download our Free GDPR Webinar, please follow this link.
Lucidica is the IT support team for London businesses